persist IP address that has accessed the CPVM console

Author: bernardodemarco

agent/src/main/java/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java

@@ -397,9 +397,8 @@ protected void runInContext() {
     }
 
     public String authenticateConsoleAccess(String host, String port, String vmId, String sid, String ticket,
-                                            Boolean isReauthentication, String sessionToken) {
-
-        ConsoleAccessAuthenticationCommand cmd = new ConsoleAccessAuthenticationCommand(host, port, vmId, sid, ticket, sessionToken);
+                                            Boolean isReauthentication, String sessionToken, String clientAddress) {
+        ConsoleAccessAuthenticationCommand cmd = new ConsoleAccessAuthenticationCommand(host, port, vmId, sid, ticket, sessionToken, clientAddress);
         cmd.setReauthenticating(isReauthentication);
 
         ConsoleProxyAuthenticationResult result = new ConsoleProxyAuthenticationResult();

api/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManager.java

@@ -44,7 +44,7 @@ public interface ConsoleAccessManager extends Manager, Configurable {
 
     void removeSessions(String[] sessionUuids);
 
-    void acquireSession(String sessionUuid);
+    void acquireSession(String sessionUuid, String clientAddress);
 
     String genAccessTicket(String host, String port, String sid, String tag, String sessionUuid);
     String genAccessTicket(String host, String port, String sid, String tag, Date normalizedHashTime, String sessionUuid);

core/src/main/java/com/cloud/agent/api/ConsoleAccessAuthenticationCommand.java

@@ -27,6 +27,7 @@ public class ConsoleAccessAuthenticationCommand extends AgentControlCommand {
     private String _sid;
     private String _ticket;
     private String sessionUuid;
+    private String clientAddress;
 
     private boolean _isReauthenticating;
 
@@ -35,13 +36,14 @@ public ConsoleAccessAuthenticationCommand() {
     }
 
     public ConsoleAccessAuthenticationCommand(String host, String port, String vmId, String sid, String ticket,
-                                              String sessiontkn) {
+                                              String sessiontkn, String clientAddress) {
         _host = host;
         _port = port;
         _vmId = vmId;
         _sid = sid;
         _ticket = ticket;
         sessionUuid = sessiontkn;
+        this.clientAddress = clientAddress;
     }
 
     public String getHost() {
@@ -79,4 +81,12 @@ public String getSessionUuid() {
     public void setSessionUuid(String sessionUuid) {
         this.sessionUuid = sessionUuid;
     }
+
+    public String getClientAddress() {
+        return clientAddress;
+    }
+
+    public void setClientAddress(String clientAddress) {
+        this.clientAddress = clientAddress;
+    }
 }

engine/schema/src/main/java/com/cloud/vm/ConsoleSessionVO.java

@@ -64,6 +64,12 @@ public class ConsoleSessionVO {
     @Column(name = "removed")
     private Date removed;
 
+    @Column(name = "console_endpoint_creator_address")
+    private String consoleEndpointCreatorAddress;
+
+    @Column(name = "client_address")
+    private String clientAddress;
+
     public long getId() {
         return id;
     }
@@ -135,4 +141,20 @@ public Date getAcquired() {
     public void setAcquired(Date acquired) {
         this.acquired = acquired;
     }
+
+    public String getConsoleEndpointCreatorAddress() {
+        return consoleEndpointCreatorAddress;
+    }
+
+    public void setConsoleEndpointCreatorAddress(String consoleEndpointCreatorAddress) {
+        this.consoleEndpointCreatorAddress = consoleEndpointCreatorAddress;
+    }
+
+    public String getClientAddress() {
+        return clientAddress;
+    }
+
+    public void setClientAddress(String clientAddress) {
+        this.clientAddress = clientAddress;
+    }
 }

engine/schema/src/main/java/com/cloud/vm/dao/ConsoleSessionDao.java

@@ -33,7 +33,7 @@ public interface ConsoleSessionDao extends GenericDao<ConsoleSessionVO, Long> {
 
     int expungeSessionsOlderThanDate(Date date);
 
-    void acquireSession(String sessionUuid);
+    void acquireSession(String sessionUuid, String clientAddress);
 
     int expungeByVmList(List<Long> vmIds, Long batchSize);
 }

engine/schema/src/main/java/com/cloud/vm/dao/ConsoleSessionDaoImpl.java

@@ -62,9 +62,10 @@ public int expungeSessionsOlderThanDate(Date date) {
     }
 
     @Override
-    public void acquireSession(String sessionUuid) {
+    public void acquireSession(String sessionUuid, String clientAddress) {
         ConsoleSessionVO consoleSessionVO = findByUuid(sessionUuid);
         consoleSessionVO.setAcquired(new Date());
+        consoleSessionVO.setClientAddress(clientAddress);
         update(consoleSessionVO.getId(), consoleSessionVO);
     }
 

server/src/main/java/com/cloud/consoleproxy/AgentHookBase.java

@@ -89,6 +89,7 @@ public AgentControlAnswer onConsoleAccessAuthentication(ConsoleAccessAuthenticat
 
         String ticketInUrl = cmd.getTicket();
         String sessionUuid = cmd.getSessionUuid();
+        String clientAddress = cmd.getClientAddress();
 
         if (ticketInUrl == null) {
             logger.error("Access ticket could not be found, you could be running an old version of console proxy. vmId: " + cmd.getVmId());
@@ -111,7 +112,7 @@ public AgentControlAnswer onConsoleAccessAuthentication(ConsoleAccessAuthenticat
             }
 
             logger.debug(String.format("Acquiring session [%s] as it was just used.", sessionUuid));
-            consoleAccessManager.acquireSession(sessionUuid);
+            consoleAccessManager.acquireSession(sessionUuid, clientAddress);
 
             if (!ticket.equals(ticketInUrl)) {
                 Date now = new Date();

server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java

@@ -248,8 +248,8 @@ protected void removeSession(String sessionUuid) {
     }
 
     @Override
-    public void acquireSession(String sessionUuid) {
-        consoleSessionDao.acquireSession(sessionUuid);
+    public void acquireSession(String sessionUuid, String clientAddress) {
+        consoleSessionDao.acquireSession(sessionUuid, clientAddress);
     }
 
     protected boolean checkSessionPermission(VirtualMachine vm, Account account) {

services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxy.java

@@ -183,7 +183,6 @@ public static ConsoleProxyServerFactory getHttpServerFactory() {
     }
 
     public static ConsoleProxyAuthenticationResult authenticateConsoleAccess(ConsoleProxyClientParam param, boolean reauthentication) {
-
         ConsoleProxyAuthenticationResult authResult = new ConsoleProxyAuthenticationResult();
         authResult.setSuccess(true);
         authResult.setReauthentication(reauthentication);
@@ -227,7 +226,7 @@ public static ConsoleProxyAuthenticationResult authenticateConsoleAccess(Console
             try {
                 result =
                         authMethod.invoke(ConsoleProxy.context, param.getClientHostAddress(), String.valueOf(param.getClientHostPort()), param.getClientTag(),
-                                param.getClientHostPassword(), param.getTicket(), reauthentication, param.getSessionUuid());
+                                param.getClientHostPassword(), param.getTicket(), reauthentication, param.getSessionUuid(), param.getClientIp());
             } catch (IllegalAccessException e) {
                 LOGGER.error("Unable to invoke authenticateConsoleAccess due to IllegalAccessException" + " for vm: " + param.getClientTag(), e);
                 authResult.setSuccess(false);
@@ -301,7 +300,7 @@ public static void startWithContext(Properties conf, Object context, byte[] ksBi
             final ClassLoader loader = Thread.currentThread().getContextClassLoader();
             Class<?> contextClazz = loader.loadClass("com.cloud.agent.resource.consoleproxy.ConsoleProxyResource");
             authMethod = contextClazz.getDeclaredMethod("authenticateConsoleAccess", String.class, String.class,
-                    String.class, String.class, String.class, Boolean.class, String.class);
+                    String.class, String.class, String.class, Boolean.class, String.class, String.class);
             reportMethod = contextClazz.getDeclaredMethod("reportLoadInfo", String.class);
             ensureRouteMethod = contextClazz.getDeclaredMethod("ensureRoute", String.class);
         } catch (SecurityException e) {